3 matches found
Starbucks App Has Information Leakage Vulnerability
Starbucks APP is the official client software of Starbucks. Starbucks APP has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2014-0647
The Starbucks iOS app version 2.6.1 stores credentials and other sensitive user data in plaintext inside the Crashlytics log file (/Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog). The data exposed include usernames, email addresses, and passwords, enabling an attack...
CVE-2014-0647
The Starbucks 2.6.1 application for iOS stores sensitive information in plaintext in the Crashlytics log file /Library/Caches/com.crashlytics.data/com.starbucks.mystarbucks/session.clslog, which allows attackers to discover usernames, passwords, and e-mail addresses via an application that reads...